1st Edition
Electronic Record Keeping Achieving and Maintaining Compliance with 21 CFR Part 11 and 45 CFR Parts 160, 162, and 164
The current revolution in software, and the regulations that have evolved to address it, have increasingly caused companies to turn to off-the-shelf software for electronic record keeping. Data captured in computerized systems must be as reliable, if not more so, than data on paper. Electronic Record Keeping: Achieving Compliance with 21 CFR Part 11 and 45 CFR Parts 160, 162, and 164 explores how to evaluate, select, implement, and document an e-system that will keep your organization in compliance.
Covering Title 21 of the Code of Federal Regulations (CFR) Part 11 and the parallel, recently passed Title 45 CFR Parts 160, 162, and 164 of the Health Insurance Portability and Accountability Act (HIPAA), this book provides guidance for selecting, purchasing, installing, validating, and managing commercial off-the-shelf software for data collection and retention. It takes a number of years for industry standards for a new regulation to develop from dialog between companies and the regulating agency. These standards are in place for Part 11, which was passed into law in 1997. Healthcare providers who must implement electronic record keeping can learn how to best do it by understanding the parallel between the new HIPAA regulations and the industry standards for Part 11. Further, certain FDA-driven activities, such as patient record keeping in clinical trials, now must comply with the new HIPAA regs as well. To help companies achieve and maintain compliance, the authors cover audit trails, validation, documentation, training, and security and accountability. They discuss what the regulations say and what they mean.
Compliance may be mandatory, but it also makes good business sense. Companies that are compliant will always be poised to move forward, and they will avoid the grief that comes from poor or faulty record keeping and documentation. This book gives you the tools you need to keep your company both compliant and competitive.
Regulatory Evolution
The Electronic Revolution
Compliance Requirements
General Basis for Electronic Records
Security, Data Transfer, Operation Checks, Archiving, and Audit Trails
THE REGULATIONS: NOT JUST WHAT THEY SAY, BUT WHAT THEY MEAN
21 CFR Part 11 Electronic Records; Electronic Signatures and 45 CFR Parts 160, 162, and 164 Health Insurance Reform: Security Standards
GOING ELECTRONIC: WHAT YOU NEED TO KNOW AND DO
Software Development and Use: From Then Till Now
The COTS Software Development Life Cycle
Purchasing COTS Software
Developer and User Validation
Operating Environments
IQ/OQ/PQ and CSV
Retrospective Validation
DOCUMENTATION AND TRAINING
The Validation Packet
Validation Documents
System Support Documents
Additional Records
Training
SECURITY, ACCOUNTABILITY, AND CHANGE MANAGEMENT
Managing the System
Security and the People Factor
Ongoing Communication
Managing Passwords: A Keychain
Biometric Keychains
Change Management
AUDITING ELECTRONIC RECORD KEEPING SYSTEMS
Establishing an Audit Function
Establishing the Scope of the Audit and preparing to Audit
Reviewing Binding Regulations and Documentation
Planning the Audit
Conducting the Actual Audit
Evaluating and Reporting Results
Keeping the Audit Function Vital
Auditing and the Regulatory Inspection
MOVING FORWARD
Computer System Validation Committee
Changing Company Cultures
Gap Analysis
Computer System Inventory
Remaining Vigilant
FREQUENTLY ASKED QUESTIONS
Binding Regulations
Software Vendors
Computer System Validation
Electronic Records
Electronic Signatures and Accountability
Security
Systems
Audit Trails
Staying Informed
Biography
David Nettleton